Add support for passing extra arguments to the passt binary through
the domain XML configuration. This allows users to specify additional
command-line arguments for passt that are not covered by existing
structured fields.
The new extraArgs attribute is added to the backend element:
The extraArg
On Wed, Jun 25, 2025 at 09:40:16AM +0200, Enrique Llorente via Devel wrote:
> Add support for passing extra arguments to the passt binary through
> the domain XML configuration. This allows users to specify additional
> command-line arguments for passt that are not covered by existing
> structured
Add check in virt-host-validate for secure guest support
on x86 for Intel Trust Domain Extensions.
Suggested-by: Daniel P. Berrangé
Signed-off-by: Zhenzhong Duan
Reviewed-by: Daniel P. Berrangé
---
tools/virt-host-validate-common.c | 31 ++-
tools/virt-host-validate
We now have the '+inteltdx' variant dumped from a modern qemu with tdx support;
add qemuxmlconftest data for that variant.
Signed-off-by: Zhenzhong Duan
---
...h-security-tdx.x86_64-latest+inteltdx.args | 44 +++
...ch-security-tdx.x86_64-latest+inteltdx.xml | 74 +++
tes
Implement TDX check in order to generate domain feature capability
correctly in case the availability of the feature changed.
For INTEL TDX the verification is:
- checking if "/sys/module/kvm_intel/parameters/tdx" contains the
value 'Y': meaning TDX is enabled in the host kernel.
Signed-off-b
Extend qemu TDX capability to domain capabilities.
Signed-off-by: Chenyi Qiang
Signed-off-by: Zhenzhong Duan
Reviewed-by: Daniel P. Berrangé
---
docs/formatdomaincaps.rst | 1 +
src/conf/domain_capabilities.c | 1 +
src/conf/domain_capabilities.h | 1 +
src/conf/schemas/domaincaps.r
When 'tdx' is used, the VM will be launched with the Intel TDX feature enabled.
The TDX feature supports running an encrypted VM (Trust Domain, TD) under the
control of KVM. A TD runs in a CPU mode which protects the confidentiality
of its memory and its CPU state from other software.
There are four optiona
mrConfigId/mrOwner/mrOwnerConfig are base64-encoded SHA384 digests that
can be provided for TDX attestation.
Check their decoded lengths to ensure they are 48 bytes.
Signed-off-by: Zhenzhong Duan
---
src/conf/domain_validate.c | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff
On Wed, Jun 25, 2025 at 10:38 AM Pavel Hrdina wrote:
>
> On Wed, Jun 25, 2025 at 09:40:16AM +0200, Enrique Llorente via Devel wrote:
> > Add support for passing extra arguments to the passt binary through
> > the domain XML configuration. This allows users to specify additional
> > command-line ar
On Wed, Jun 25, 2025 at 11:39:55AM +0200, Enrique Llorente Pastora via Devel
wrote:
> On Wed, Jun 25, 2025 at 10:38 AM Pavel Hrdina wrote:
> >
> > On Wed, Jun 25, 2025 at 09:40:16AM +0200, Enrique Llorente via Devel wrote:
> > > Add support for passing extra arguments to the passt binary through
@Peter Krempa Can you take a look ?
On Mon, Jun 23, 2025 at 12:04 PM Han Han wrote:
>
>
> On Mon, Jun 23, 2025 at 5:39 PM Han Han wrote:
>
>>
>>
>> On Fri, May 30, 2025 at 8:22 PM Enrique Llorente via Devel <
>> devel@lists.libvirt.org> wrote:
>>
>>> This commit introduces a feature enhancemen
As the tdx launch security type support is added, expose it in domain
capabilities so that the domain definition validation check can take
effect.
Signed-off-by: Zhenzhong Duan
---
src/qemu/qemu_capabilities.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/qemu/qemu_capabilities.c b/src/q
Signed-off-by: Zhenzhong Duan
---
docs/formatdomain.rst | 63 +++
1 file changed, 63 insertions(+)
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index 9a2f065590..5acebefec0 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -95
For a secure guest, FakeReboot kills the original QEMU instance and
creates a new one. During this process, QEMU sends a SHUTDOWN event
with the "host-signal" reason, which can trigger another FakeReboot.
Check if a FakeReboot is ongoing and bypass "host-signal"
processing which originally comes from FakeReboot.
We can reboot a TDX guest with 'virsh reboot' or 'virsh shutdown' if the action
for onPoweroff is 'restart'. But running the reboot command in the guest shell will
always lead to a shutdown.
This behavior is not consistent with a normal guest; fix it by checking the
shutdown reason and action configuration to trigger
When a TD VM reboots, the qemu process is recreated by destroying the old one and
creating a new one. When the new qemu process starts, it sends a RESUME
event while the libvirt domain isn't in the running state yet. Then the event
VIR_DOMAIN_EVENT_RESUMED is sent out and confuses the control plane.
Check priv->pausedShutdown and bypass t
A TDX guest doesn't support system_reset, so we have to kill the old guest and
start a new one to simulate the reset. This can be achieved by calling
qemuProcessFakeRebootViaRecreate().
The domain lock is already held in qemuDomainReset() before calling
qemuProcessFakeRebootViaRecreate(), so bypass locking
Hi,
This series brings libvirt the x86 TDX support.
* What's TDX?
TDX stands for Trust Domain Extensions which isolates VMs from
the virtual-machine manager (VMM)/hypervisor and any other software on
the platform.
This patchset extends libvirt to support TDX, with which one can start a TDX
guest
On Tue, Jun 24, 2025 at 14:27:58 +0200, Michal Privoznik via Devel wrote:
> From: Michal Privoznik
>
> Inside of qemuMonitorJSONGetBlockInfo() there's a for loop in
> which a variable of struct qemuDomainDiskInfo type is declared
> and initialized as { false }. This works only because stdbool.h
>
On Wed, Jun 25, 2025 at 09:27:33 +0800, liu.xuem...@zte.com.cn wrote:
> From: Liu Song
>
> The ff callback is never called in remoteStreamCallbackFree() because
> cbdata->cb can not be NULL. This causes a leak of 'cbdata->opaque'.
>
> The leak can be reproduced by attaching and detaching to the
On Wed, Jun 25, 2025 at 11:50:18 +0200, Enrique Llorente Pastora wrote:
> @Peter Krempa Can you take a look ?
This is not my area. Also please don't contact individuals:
https://www.libvirt.org/submitting-patches.html#review-process
QEMU provides a 'tdx-guest' object which is used to launch encrypted
VMs on Intel platforms using the TDX feature.
The command line looks like:
$QEMU ... \
-object
'{"qom-type":"tdx-guest","id":"lsec0","mrconfigid":"xxx","mrowner":"xxx","mrownerconfig":"xxx","attributes":268435457}'
\
-machine pc-
The 'tdx-guest' object supports a "quote-generation-socket" property for
attestation purposes. When "quote-generation-socket" is configured in the
guest xml, libvirt generates a unix socket format cmdline for QEMU.
The 'Path' element can be omitted; the default path "/var/run/tdx-qgs/qgs.socket"
is used in this case
Add element "quoteGenerationSocket" to the tdx launch security type.
It contains only an optional unix socket address attribute;
when omitted, libvirt will use the default QGS server address
"/var/run/tdx-qgs/qgs.socket".
UNIX sockets offer the required functionality with greater
security than vsock, so l
From: Liu Song
The ff callback is never called in remoteStreamCallbackFree() because
cbdata->cb can not be NULL. This causes a leak of 'cbdata->opaque'.
The leak can be reproduced by attaching and detaching to the console of
a VM using `virsh console`.
ASAN reports the leak stack as:
Direct le
QEMU_CAPS_TDX_GUEST set means TDX supported with this QEMU.
Signed-off-by: Chenyi Qiang
Signed-off-by: Zhenzhong Duan
Reviewed-by: Daniel P. Berrangé
---
src/qemu/qemu_capabilities.c | 2 ++
src/qemu/qemu_capabilities.h | 1 +
2 files changed, 3 insertions(+)
diff --git a/src/qemu/qemu_capabi
On Wed, Jun 25, 2025 at 17:45:31 +0800, Zhenzhong Duan wrote:
> Add data based on 'v10.0.0-1724-gf9a3def17b'.
Note that we do accept data based on the in-development branch of qemu,
but you need to pledge that you'll post an update to this once qemu
10.1 will be released. (I'll notify you).
>
>
On Wed, Jun 25, 2025 at 13:19:34 +0200, Peter Krempa via Devel wrote:
> On Wed, Jun 25, 2025 at 17:45:15 +0800, Zhenzhong Duan wrote:
> > QEMU_CAPS_TDX_GUEST set means TDX supported with this QEMU.
> >
> > Signed-off-by: Chenyi Qiang
> > Signed-off-by: Zhenzhong Duan
> > Reviewed-by: Daniel P. B
On Wed, Jun 25, 2025 at 17:45:23 +0800, Zhenzhong Duan wrote:
> 'tdx-guest' object supports a "quote-generation-socket" property for
> attestation purpose. When "quote-generation-socket" is configured in
> guest xml, libvirt generates unix socket format cmdline for QEMU.
>
> 'Path' element can be
On Wed, Jun 25, 2025 at 17:45:15 +0800, Zhenzhong Duan wrote:
> QEMU_CAPS_TDX_GUEST set means TDX supported with this QEMU.
>
> Signed-off-by: Chenyi Qiang
> Signed-off-by: Zhenzhong Duan
> Reviewed-by: Daniel P. Berrangé
> ---
> src/qemu/qemu_capabilities.c | 2 ++
> src/qemu/qemu_capabilitie
Utilize the existing fake reboot mechanism to do a reboot for a TDX guest.
Unlike a normal guest, a TDX guest doesn't support system_reset,
so we have to kill the old guest and start a new one to simulate the reboot.
Co-developed-by: Chenyi Qiang
Signed-off-by: Zhenzhong Duan
---
src/qemu/qemu_pr
A TDX guest requires some special parameters to boot, currently:
"kernel_irqchip=split"
"pmu!=on"
"smm!=on"
"-bios"
If not specified explicitly, QEMU should configure these options implicitly
when starting a TDX guest.
Signed-off-by: Zhenzhong Duan
Reviewed-by: Daniel P. Berrangé
---
src/qemu/qe
On Wed, Jun 25, 2025 at 11:50 AM Daniel P. Berrangé
wrote:
>
> On Wed, Jun 25, 2025 at 11:39:55AM +0200, Enrique Llorente Pastora via
Devel wrote:
> > On Wed, Jun 25, 2025 at 10:38 AM Pavel Hrdina
wrote:
> > >
> > > On Wed, Jun 25, 2025 at 09:40:16AM +0200, Enrique Llorente via Devel
wrote:
> > >
On Wed, Jun 25, 2025 at 12:50:51 +0100, Daniel P. Berrangé wrote:
> On Wed, Jun 25, 2025 at 01:19:34PM +0200, Peter Krempa wrote:
> > On Wed, Jun 25, 2025 at 17:45:15 +0800, Zhenzhong Duan wrote:
> > > QEMU_CAPS_TDX_GUEST set means TDX supported with this QEMU.
> > >
> > > Signed-off-by: Chenyi Qi
On Thu, Jun 26, 2025 at 03:53:35 -, liu.son...@zte.com.cn wrote:
> > On Wed, Jun 25, 2025 at 09:27:33 +0800, liu.xuemei1(a)zte.com.cn wrote:
> >
> > The above looks weird. Now 'client' is referenced twice and you delete
> > an empty line?
> Since the patch fixes the virStreamEventAddCallback (
> On Wed, Jun 25, 2025 at 09:27:33 +0800, liu.xuemei1(a)zte.com.cn wrote:
>
> The above looks weird. Now 'client' is referenced twice and you delete
> an empty line?
Since the patch fixes the virStreamEventAddCallback (not freeing its 'opaque'),
'client' should be referenced before every call of i
After recent inquiry on libvirt-users I've necromanced this already very
old series that I still had laying around.
This series:
- turns virStorageSource's 'protocol' to real enum
- removes virStorageSource's 'volume'
- wires in the RBD support
Han Han (1):
qemu: Add support for RBD namespac
From: Peter Krempa
Automatically free 'priv' and call 'glfs_fini()' directly from the two
error paths.
Signed-off-by: Peter Krempa
---
.../storage_file_backend_gluster.c| 22 ---
1 file changed, 9 insertions(+), 13 deletions(-)
diff --git a/src/storage_file/storage
From: Peter Krempa
Convert the member to the appropriate type, fix a few offending parse
calls and remove explicit typecasts in switch().
Signed-off-by: Peter Krempa
---
src/conf/domain_conf.c| 5 +
src/conf/domain_validate.c| 2 +-
src/conf/stor
From: Han Han
Since Nautilus, ceph supports separate image namespaces within a pool for
tenant isolation, and QEMU adds it as an rbd blockdev option from 5.0.0.
The source name with format "//" could be used to
access an rbd image with a namespace.
Add unit tests for this attribute.
https://bugzilla
On Tue, Jun 24, 2025 at 11:47:57 +0200, Jiri Denemark wrote:
> On Mon, Jun 23, 2025 at 21:59:14 +0200, Peter Krempa wrote:
> > From: Peter Krempa
> >
> > While 'usb-bot' and 'usb-storage' are ABI and migration compatible for
> > disks it's not the case for cdroms. When migrating from a new config
For a secure guest, FakeReboot kills the original QEMU instance and
creates a new one, which is quite different from a normal guest.
To reflect this fact, VIR_DOMAIN_EVENT_[STOPPED|STARTED]
are sent to the control plane with the newly introduced reasons
VIR_DOMAIN_EVENT_[STOPPED|STARTED]_RECREATION.
That would let con
On Wed, Jun 25, 2025 at 01:19:34PM +0200, Peter Krempa wrote:
> On Wed, Jun 25, 2025 at 17:45:15 +0800, Zhenzhong Duan wrote:
> > QEMU_CAPS_TDX_GUEST set means TDX supported with this QEMU.
> >
> > Signed-off-by: Chenyi Qiang
> > Signed-off-by: Zhenzhong Duan
> > Reviewed-by: Daniel P. Berrangé
An upcoming patch will introduce test data from a TDX-enabled host.
Document the new variant.
Signed-off-by: Zhenzhong Duan
---
tests/qemucapabilitiesdata/README.rst | 5 +
1 file changed, 5 insertions(+)
diff --git a/tests/qemucapabilitiesdata/README.rst
b/tests/qemucapabilitiesdata/README.
Laurent Vivier writes:
> On 24/06/2025 14:03, Daniel P. Berrangé wrote:
>> On Tue, Jun 24, 2025 at 01:55:20PM +0200, Markus Armbruster wrote:
>>> Laurent Vivier writes:
>>>
On 24/06/2025 10:16, Markus Armbruster wrote:
> Laurent Vivier writes:
>
>> This commit introduces suppor
On Tue, Jun 24, 2025 at 01:55:20PM +0200, Markus Armbruster wrote:
> Laurent Vivier writes:
>
> > On 24/06/2025 10:16, Markus Armbruster wrote:
> >> Laurent Vivier writes:
> >>
> >>> This commit introduces support for passt as a new network backend.
> >>> passt is an unprivileged, user-mode net
On Mon, Jun 23, 2025 at 21:59:15 +0200, Peter Krempa wrote:
> From: Peter Krempa
>
> While the 'usb-storage' based disks use the USB address directly, with
> 'usb-bot' the USB address is on the "controller" part of the device and
> the 'scsi-hd/cd' device will use a 'drive' address from qemu's Po
From: Peter Krempa
Historically we've stored the 'pool' and 'image' properties of RBD
and gluster images in separate fields, but they are presented in a single
field in the XML. This creates multiple points where they need to be
separated and combined.
Introduce helper 'virStorageSourceNetw
On Tue, Jun 24, 2025 at 11:25:03 +0200, Jiri Denemark wrote:
> On Mon, Jun 23, 2025 at 21:59:13 +0200, Peter Krempa wrote:
> > From: Peter Krempa
> >
> > Historically libvirt specified 'usb-storage' as driver for USB disks.
> > This though combined with '-blockdev' doesn't properly configure the